Page MenuHomePhabricator
Create Task
Maniphest T321625

Add support for privately registered participants to the "List the participants of an event" API endpoint
Closed, ResolvedPublic
Actions

Assigned To
Daimona
Authored By
Daimona
Oct 25 2022, 8:43 PM
Tags
Referenced Files
F35704435: Screen Shot 2022-11-03 at 5.18.02 PM.png
Nov 3 2022, 10:21 PM
F35704405: Screen Shot 2022-11-03 at 5.08.30 PM.png
Nov 3 2022, 10:21 PM
F35704320: Screen Shot 2022-11-03 at 4.41.26 PM.png
Nov 3 2022, 10:21 PM
F35704283: Screen Shot 2022-11-03 at 4.31.06 PM.png
Nov 3 2022, 10:21 PM
F35704275: Screen Shot 2022-11-03 at 4.29.31 PM.png
Nov 3 2022, 10:21 PM
Subscribers
Aklapper
Daimona
vaughnwalters

Description

Acceptance criteria

  • The endpoint should accept a parameter to determine if privately registered participants should be included
    • There should be a permission check on that
  • For each participant, the response should say whether they're privately registered or not
  • The documentation of the endpoint should be updated

Details

SubjectRepoBranchLines +/-
Add support for private registration to ListParticipantsHandlermediawiki/extensions/CampaignEventsmaster+97 -21
Customize query in gerrit

Related Objects
Search...

Event Timeline

Daimona created this task.Oct 25 2022, 8:43 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptOct 25 2022, 8:43 PM
Daimona added a parent task: T319453: Implement support for private registration UI in EventDetails.Oct 25 2022, 8:46 PM
gerritbot added a comment.Oct 25 2022, 10:30 PM

Change 849186 had a related patch set uploaded (by Daimona Eaytoy; author: Daimona Eaytoy):

[mediawiki/extensions/CampaignEvents@master] Add support for private registration to ListParticipantsHandler

https://gerrit.wikimedia.org/r/849186

gerritbot added a project: Patch-For-Review.Oct 25 2022, 10:30 PM
Daimona claimed this task.Oct 25 2022, 10:31 PM
Daimona moved this task from Needs Input / Design in progress to Code Review on the Campaign-Tools (Campaign-Tools-Current-Sprint) board.
vyuen changed the task status from Open to In Progress.Oct 31 2022, 4:45 PM
vyuen moved this task from Backlog to V1 (MVP) on the Campaign-Registration board.
gerritbot added a comment.Nov 3 2022, 10:23 AM

Change 849186 merged by jenkins-bot:

[mediawiki/extensions/CampaignEvents@master] Add support for private registration to ListParticipantsHandler

https://gerrit.wikimedia.org/r/849186

Daimona mentioned this in rUCAM26d68bac7a55: Add support for private registration to ListParticipantsHandler.Nov 3 2022, 10:24 AM
Maintenance_bot removed a project: Patch-For-Review.Nov 3 2022, 10:30 AM
ReleaseTaggerBot added a project: MW-1.40-notes (1.40.0-wmf.10; 2022-11-14).Nov 3 2022, 11:00 AM
Daimona mentioned this in T321723: Implement permission checks to determine if user should be able to see privately registered participants.Nov 3 2022, 12:28 PM
Daimona moved this task from Code Review to QA 🐛 on the Campaign-Tools (Campaign-Tools-Current-Sprint) board.Nov 3 2022, 12:31 PM
vaughnwalters closed this task as Resolved.Nov 3 2022, 10:21 PM
vaughnwalters moved this task from QA 🐛 to Done 🏁 on the Campaign-Tools (Campaign-Tools-Current-Sprint) board.
vaughnwalters subscribed.

If query param ?include_private=false, then only publicly registered participants display:

Screen Shot 2022-11-03 at 4.29.31 PM.png (1×2 px, 341 KB)

If query param ?include_private=true is included, but user without permission to see privately registered users is logged in, then a 403 error is thrown. Note that this 403 is thrown even if the only privately registered user for the event is the one who is logged in.

Screen Shot 2022-11-03 at 4.31.06 PM.png (940×2 px, 184 KB)

If query param ?include_private=true is included, and organizer is logged in, then participants are displayed (including privately registered participants):

Screen Shot 2022-11-03 at 4.41.26 PM.png (1×1 px, 336 KB)

Also even if the user logged in is an admin but is not the organizer of the event, they get the 403 error:

Screen Shot 2022-11-03 at 5.08.30 PM.png (1×2 px, 204 KB)

@Daimona As a housekeeping note, I suggest moving the include_private param underneath id as to keep the required params together at the top in the endpoint doc for this:

Screen Shot 2022-11-03 at 5.18.02 PM.png (564×784 px, 74 KB)

Everything is working correctly so I am marking this as done/resolved ✅

Daimona added a comment.Nov 4 2022, 12:38 PM
In T321625#8368773, @vaughnwalters wrote:

@Daimona As a housekeeping note, I suggest moving the include_private param underneath id as to keep the required params together at the top in the endpoint doc for this:

Good point, done.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL